# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.ServiceUser.V1.Model.AuthProvider do
  @moduledoc """
  Configuration for an authentication provider, including support for
  [JSON Web Token
  (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).

  ## Attributes

  *   `audiences` (*type:* `String.t`, *default:* `nil`) - The list of JWT
      [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
      that are allowed to access. A JWT containing any of these audiences will
      be accepted. When this setting is absent, only JWTs with audience
      "https://Service_name/API_name"
      will be accepted. For example, if no audiences are in the setting,
      LibraryService API will only accept JWTs with the following audience
      "https://library-example.googleapis.com/google.example.library.v1.LibraryService".

      Example:

          audiences: bookstore_android.apps.googleusercontent.com,
                     bookstore_web.apps.googleusercontent.com
  *   `authorizationUrl` (*type:* `String.t`, *default:* `nil`) - Redirect URL if JWT token is required but not present or is expired.
      Implement authorizationUrl of securityDefinitions in OpenAPI spec.
  *   `id` (*type:* `String.t`, *default:* `nil`) - The unique identifier of the auth provider. It will be referred to by
      `AuthRequirement.provider_id`.

      Example: "bookstore_auth".
  *   `issuer` (*type:* `String.t`, *default:* `nil`) - Identifies the principal that issued the JWT. See
      https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
      Usually a URL or an email address.

      Example: https://securetoken.google.com
      Example: 1234567-compute@developer.gserviceaccount.com
  *   `jwksUri` (*type:* `String.t`, *default:* `nil`) - URL of the provider's public key set to validate signature of the JWT. See
      [OpenID
      Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
      Optional if the key set document:
       - can be retrieved from
         [OpenID
         Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
         the issuer.
       - can be inferred from the email domain of the issuer (e.g. a Google
       service account).

      Example: https://www.googleapis.com/oauth2/v1/certs
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :audiences => String.t(),
          :authorizationUrl => String.t(),
          :id => String.t(),
          :issuer => String.t(),
          :jwksUri => String.t()
        }

  field(:audiences)
  field(:authorizationUrl)
  field(:id)
  field(:issuer)
  field(:jwksUri)
end

defimpl Poison.Decoder, for: GoogleApi.ServiceUser.V1.Model.AuthProvider do
  def decode(value, options) do
    GoogleApi.ServiceUser.V1.Model.AuthProvider.decode(value, options)
  end
end

defimpl Poison.Encoder, for: GoogleApi.ServiceUser.V1.Model.AuthProvider do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
